CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2966 matches found

Vulnrichment•added 2025/10/09 4:13 p.m.•5 views

CVE-2025-59994 Junos Space: Quick Template page is vulnerable to reflected cross-site script injection

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...

6.1CVSS6.5AI score0.00035EPSS

Exploits0References1

Vulnrichment•added 2025/10/09 3:18 a.m.•3 views

CVE-2025-47342 Use After Free in BT Controller

Transient DOS may occur when multi-profile concurrency arises with QHS enabled...

7.1CVSS6.5AI score0.00053EPSS

Exploits0References1

Positive Technologies•added 2025/10/09 12:0 a.m.•6 views

PT-2025-41431

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue exists in Juniper Networks Junos Space. This allows an attacker to inject script tags...

6.1CVSS6.9AI score0.00035EPSS

Exploits0References3

Positive Technologies•added 2025/10/09 12:0 a.m.•7 views

PT-2025-41430

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An issue exists in Juniper Networks Junos Space that allows an attacker to inject script tags into the Quick Template page. When another user visits this page, the attacker can...

6.1CVSS6.6AI score0.00035EPSS

Exploits0References3

EUVD•added 2025/10/08 12:30 p.m.•2 views

EUVD-2025-31823

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /editcustomer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

9.8CVSS7.2AI score0.00042EPSS

Exploits1References7

OSV•added 2025/10/07 3:45 p.m.•2 views

SUSE-SU-2025:20819-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc124074...

7.8CVSS7AI score0.0005EPSS

Exploits3References13

OSV•added 2025/10/07 3:38 p.m.•3 views

SUSE-SU-2025:20815-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509 - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...

5.5CVSS5.8AI score0.0005EPSS

Exploits2References5

SUSE Linux•added 2025/10/07 3:38 p.m.•2 views

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650...

8.7CVSS7.8AI score0.0005EPSS

Exploits3References20